Hi all,
I have configured basic VPN with crypto map on physical interface. On the same interface also configured NAT (outside). With NAT-ACL local IPs NATed to physical interface public IP, then ACL for crypto map is used for encryption which matches interface publlic IP and destination public IP.
show ip nat translations shows that NAT is working.
show crypto isakmp sa shows status ACTIVE.
But show crypto ipsec sa shows:
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 3817, #recv errors 0
Packets encrypted and decrypted - 0 and send errors are increasing.
So what to do/check ?
Thanks